diff options
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 23 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_proto.h | 5 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 10 |
3 files changed, 19 insertions, 19 deletions
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index 3bee95b845..713c0e70b6 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -894,13 +894,17 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) uint32 user_rid, num_groups, num_gids; DOM_GID *user_groups = NULL; struct winbindd_domain *domain; - enum winbindd_result result; + enum winbindd_result result = WINBINDD_ERROR; gid_t *gid_list; int i; + TALLOC_CTX *mem_ctx; DEBUG(3, ("[%5d]: getgroups %s\n", state->pid, state->request.data.username)); + if (!(mem_ctx = talloc_init())) + return WINBINDD_ERROR; + /* Parse domain and username */ parse_domain_user(state->request.data.username, name_domain, @@ -910,14 +914,14 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) the entire name. */ if (strequal(name_domain, "")) - return WINBINDD_ERROR; + goto done; /* Get info for the domain */ if ((domain = find_domain_from_name(name_domain)) == NULL) { DEBUG(0, ("could not find domain entry for domain %s\n", name_domain)); - return WINBINDD_ERROR; + goto done; } slprintf(name, sizeof(name) - 1, "%s\\%s", name_domain, name_user); @@ -926,20 +930,20 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) if (!winbindd_lookup_sid_by_name(name, &user_sid, &name_type)) { DEBUG(1, ("user '%s' does not exist\n", name_user)); - return WINBINDD_ERROR; + goto done; } if (name_type != SID_NAME_USER) { DEBUG(1, ("name '%s' is not a user name: %d\n", name_user, name_type)); - return WINBINDD_ERROR; + goto done; } sid_split_rid(&user_sid, &user_rid); - if (!winbindd_lookup_usergroups(domain, user_rid, &num_groups, - &user_groups)) - return WINBINDD_ERROR; + if (!winbindd_lookup_usergroups(domain, mem_ctx, user_rid, + &num_groups, &user_groups)) + goto done; /* Copy data back to client */ @@ -947,7 +951,6 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) gid_list = malloc(sizeof(gid_t) * num_groups); if (state->response.extra_data) { - result = WINBINDD_ERROR; goto done; } @@ -971,7 +974,7 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) result = WINBINDD_OK; done: - SAFE_FREE(user_groups); + talloc_destroy(mem_ctx); return result; } diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h index 78afeae94c..7c3326ce36 100644 --- a/source3/nsswitch/winbindd_proto.h +++ b/source3/nsswitch/winbindd_proto.h @@ -133,11 +133,14 @@ BOOL get_domain_info(void); void free_domain_info(void); BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain); BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *type); -BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name, enum SID_NAME_USE *type); +BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, + fstring name, + enum SID_NAME_USE *type); BOOL winbindd_lookup_userinfo(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, uint32 user_rid, SAM_USERINFO_CTR **user_info); BOOL winbindd_lookup_usergroups(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, uint32 user_rid, uint32 *num_groups, DOM_GID **user_groups); BOOL winbindd_lookup_groupmem(struct winbindd_domain *domain, diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index 75ed3a9efe..c603bac054 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -403,7 +403,6 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *ty return False; /* Negative cache hit. */ return True; } - /* Lookup name */ if (!(mem_ctx = talloc_init())) @@ -431,7 +430,7 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *ty *type = types[0]; /* Store the forward and reverse map of this lookup in the cache. */ - store_sid_by_name_in_cache(name, &sids[0], types[0]); + store_sid_by_name_in_cache(name, &sids[0], types[0]); store_name_by_sid_in_cache(&sids[0], name, types[0]); } else { /* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */ @@ -587,19 +586,16 @@ BOOL winbindd_lookup_userinfo(struct winbindd_domain *domain, /* Lookup groups a user is a member of. I wish Unix had a call like this! */ BOOL winbindd_lookup_usergroups(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, uint32 user_rid, uint32 *num_groups, DOM_GID **user_groups) { - TALLOC_CTX *mem_ctx; CLI_POLICY_HND *hnd; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND dom_pol, user_pol; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL got_dom_pol = False, got_user_pol = False; - if (!(mem_ctx = talloc_init())) - return False; - /* Get sam handle */ if (!(hnd = cm_get_sam_handle(domain->name))) @@ -639,8 +635,6 @@ BOOL winbindd_lookup_usergroups(struct winbindd_domain *domain, if (got_dom_pol) cli_samr_close(hnd->cli, mem_ctx, &dom_pol); - talloc_destroy(mem_ctx); - return NT_STATUS_IS_OK(result); } |